A weakness in SIM card encryption technology could allow attackers to snoop on mobile phone conversations, according to a Berlin-based security researcher.
Among the things a potential hacker can do, one a SIM card’s digital key is cracked are:
- Read data embedded on the SIM
- Install software on the handset that runs independently of the phone
- Steal data from the SIM card
- Steal personal information
- Eavesdrop on phone conversations
- Alter account information
The vulnerability was found in the Digital Encryption Standard, a cryptographic method developed by IBM in the 1970s and used in billions of phones today.
The encryption method has been enhanced in the past decades since then but many handsets still use the old standard. A test showed that 1,000 SIM cards in Europe and North American shows signs of the flaw.